APT report for 2018-11-11

TRANSNATIONAL / UNKNOWN

1. 'DerpTrolling’ faces jail time for Sony DoS attacks
2. Security Affairs newsletter Round 188 – News of the week

CHINA

Nil

INDIA

Nil

NORTH KOREA

Nil

PAKISTAN

Nil

VIETNAM

Nil

IRAN

Nil

IRAQ

Nil

LEBANON

Nil

PALESTINE

Nil

SAUDI ARABIA

Nil

SYRIA

Nil

TURKEY

Nil

UNITED ARAB EMIRATES

Nil

YEMEN

Nil

RUSSIA

Nil

SERBIA

Nil

UKRAINE

Nil

Platform report for 2018-11-11

WINDOWS

Nil

LINUX

1. Security Affairs newsletter Round 188 – News of the week
2. Linux Cryptocurrency miner leverages rootkit to avoid detection
3. Debian 9.6 release, fix more bugs and security vulnerabilities

UNIX

Nil

ANDROID

Nil

IOS

Nil

MACOS

4. Security Affairs newsletter Round 188 – News of the week

Threat report for 2018-11-11

DATA BREACH & DATA LOSS

1. Florida Department of Health Breached, Patients' Private Information Exposed

DENIAL-OF-SERVICE

Nil

MALVERTISING

Nil

PHISHING

2. How to choose the best password manager | Avast
3. An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in

WEB DEFACEMENT

Nil

BOTNET

4. UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
5. A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and

RANSOMWARE

Nil

CRYPTOMINING & CRYPTOCURRENCIES

6. Demystifying: Cryptocurrency Mining Threats
7. School Headmaster Fired For Stealing School Electricity To Mine Ethereum
8. Linux Cryptocurrency miner leverages rootkit to avoid detection

MALWARE

9. Exclusive: Fileless malware driving uptake of behavioural analytics
10. An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
11. Linux Cryptocurrency miner leverages rootkit to avoid detection

EXPLOIT

Nil

VULNERABILITY

12. Cisco Patches Multiple Critical Security Flaws Affecting Different Products
13. Annoyed Researcher Disclosed Zero-Day Vulnerability In VirtualBox Without Informing Oracle
14. DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
15. Nvidia GPU Side Channel Vulnerability Disclosed
16. CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
17. A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
18. How does site isolation defend against #Spectre vulnerabilities? Expert Michael Cobb of @thehairyITdog explains
19. All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability Hear from Rafael Amado, @mazzazone, & @drshellface:
20. WooCommerce vulnerability affected a large number of websites
21. Debian 9.6 release, fix more bugs and security vulnerabilities

Region brief for 2018-11-11

ASIA

1. UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
2. CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
3. A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
4. School Headmaster Fired For Stealing School Electricity To Mine Ethereum
5. Security Affairs newsletter Round 188 – News of the week

OCEANIA

6. UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting

NORTH AMERICA

7. 'DerpTrolling’ faces jail time for Sony DoS attacks
8. UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
9. DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
10. A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
11. School Headmaster Fired For Stealing School Electricity To Mine Ethereum
12. Security Affairs newsletter Round 188 – News of the week
13. All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability Hear from Rafael Amado, @mazzazone, & @drshellface:

SOUTH AMERICA

Nil

EUROPE

14. Security Affairs newsletter Round 188 – News of the week

AFRICA

Nil

Sector brief for 2018-11-11

HEALTHCARE

1. Florida Department of Health Breached, Patients' Private Information Exposed
2. CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild

TRANSPORT

Nil

BANKING & FINANCE

3. Security Affairs newsletter Round 188 – News of the week

INFORMATION & TELECOMMUNICATION

Nil

FOOD

Nil

WATER

Nil

ENERGY

Nil

GOVERNMENT & PUBLIC SERVICE

4. DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
5. CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
6. Security Affairs newsletter Round 188 – News of the week

Daily brief for 2018-11-11

ASIA

1. UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
2. CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
3. A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
4. School Headmaster Fired For Stealing School Electricity To Mine Ethereum
5. Security Affairs newsletter Round 188 – News of the week

WORLD

6. 'DerpTrolling’ faces jail time for Sony DoS attacks
7. UPnP-Exploiting Botnet Infecting 100,000+ Home Routers and Still Counting
8. DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
9. A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
10. School Headmaster Fired For Stealing School Electricity To Mine Ethereum
11. Security Affairs newsletter Round 188 – News of the week
12. All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability Hear from Rafael Amado, @mazzazone, & @drshellface:

ATTACKS

13. Florida Department of Health Breached, Patients' Private Information Exposed
14. How to choose the best password manager | Avast
15. An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in

THREATS

16. Exclusive: Fileless malware driving uptake of behavioural analytics
17. Cisco Patches Multiple Critical Security Flaws Affecting Different Products
18. Annoyed Researcher Disclosed Zero-Day Vulnerability In VirtualBox Without Informing Oracle
19. DJI Drone Vulnerability Due to DJI Forum’s Weakness, Patched by its Vendor
20. Nvidia GPU Side Channel Vulnerability Disclosed
21. Demystifying: Cryptocurrency Mining Threats
22. CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
23. A new spam #botnet took advantage of a UPnP vulnerability to infect over 100,000 home routers in India, China and
24. School Headmaster Fired For Stealing School Electricity To Mine Ethereum
25. An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
26. Linux Cryptocurrency miner leverages rootkit to avoid detection
27. How does site isolation defend against #Spectre vulnerabilities? Expert Michael Cobb of @thehairyITdog explains
28. All new ShadowTalk episode is out! Ep. 50: CISCO ASA 0-day and VirtualBox Vulnerability Hear from Rafael Amado, @mazzazone, & @drshellface:
29. WooCommerce vulnerability affected a large number of websites
30. Debian 9.6 release, fix more bugs and security vulnerabilities

CRIME

31. 'DerpTrolling’ faces jail time for Sony DoS attacks
32. An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in
33. Security Affairs newsletter Round 188 – News of the week

POLITICS

34. CVE-2018-15961: Adobe ColdFusion Flaw exploited in attacks in the wild
35. An espionage group used stolen #DigitalCertificates to sign Plead #malware and used a password stealer component that was used in